Beginning with WordPress

Simply performance is their slogan - Performance, Measurement, and Management (PM2). PM2 is a global boutique consulting firm that specializes in helping corporations execute and reveal their strategy. Owner and CEO, Brett Knowles, along with staff, work for a targeted niche of blue chip and Fortune 1000’s all around the world to help them build balance scoreboards, compensation dashboards, and masterful business planning systems. Their expertise has found their client’s successes profiled in Fortune, Forbes, and the Harvard Review magazines.

Our website being down jeopardized probably our largest deal of the year. A million dollars’ worth of revenue a year was at risk had this not been sorted this out. - Brett Knowles, CEO

To get their message out, they rely on their website to provide prospective clients with overviews of their successes, methodology and thought leadership for their B2B transactions. Dealing with trans-national corporations requires that PM2 show exceptionally high quality in their website.

Disaster hit in midsummer – the PM2 WordPress / Joomla site had been seriously hacked, subsequently Google blacklisted the site. This put PM2 into a position it had never been in before.

Challenge

PM2 had been hosted for some time by a small, local firm. Weeks before, they had noticed increasing problems with hackers that were repeatedly attacking their web environment, which consisted of one Joomla and three WordPress sites.

PM2 thought that they could solve the problem themselves - removing close to 750 different lines of malware from across their site where the hackers had been tampering with their files, but that still wasn’t all of them. The problem only increased.

It was at the point where we’d get blacklisted, we’d spend a week of webmaster time to clean up things and be good for a week just to get hacked and blacklisted again. It was beginning to get frustrating for us but also frustrating for our host.

Though the host did his best to service PM2, the way things were unfolding he couldn’t provide the quality of hosting Brett needed nor any form of malware removal or protection.

We ended up going to SiteGround. During the migration SiteGround said they weren’t going to host our site until we got rid of the viruses. They pointed us in the direction of Sucuri. We went to you guys, and it was a miracle.

Within four hours Brett received several reports from an Incident Response Team member on the different types of malware found and other issues that needed to be fixed.

A few hours later he received notification that all the malware had been removed.

Solution

A few hours after that Sucuri sent a message about a number of observed vulnerabilities – such as an out-dated version of Joomla – and offered to do the required updates.

Sucuri resolved all the malware and vulnerabilities. The next step was getting PM2 off the blacklist. Within a couple of days - a miracle to his company who had been fighting with the dilemma for months - they were no longer blacklisted.

Brett continues to receive Sucuri messages concerning Joomla and Wordpress updates, and PM2 has been kept in the clear.

I found the process to be quite stellar. In the whole scheme of things, my team and I am are rank amateurs. You guys were patient with us at each step – the assessment, on how to go forward, executing the cleaning, and maintaining our security. You pointed out what things we needed to change – and as we tried to sort out where glitches were, you were patient with us. Not only was the turnaround-time outstanding, I was incredibly pleased with the customer support that helped us above and beyond the bare minimum that needed to get done. In many cases I asked questions that I knew were out of scope and you were polite enough not to say that I’m an idiot and I shouldn’t be asking those questions but answered them and set me in the right direction.

In addition, the Sucuri representative made Brett feel that as long as he showed interest in trying to understand what was going on and solving it, he was more than happy to help his staff with the education and development of that.

When your site is blacklisted the world as you know it has come to an end and you’re panicky. It’s nice to have that competent level of support and clear communication as you’re fighting through the battle but even after the battle is won, having that ongoing support is outstanding and beyond my expectations

Results

After Sucuri solved Brett’s initial problems, it made it an easy decision to sign on for an extra level of security to sustain the site. Any ideas Sucuri had, Brett felt would be worth it to see it through.

With his website down for the better part of a month, Brett had good reason to be anxious. His key client at the time sensed the urgency of the matter, and so did other clients visiting their website who expressed concern. Existing relationships and future business were all at stake. People were starting to recognize that the PM2 staff wasn’t able to solve the problem and in Brett’s eyes this was a reflection on quality.

Brett relates the devastating experience to a Disney study he once read about how a mother would never take her children into a park if the flowers outside the park were dead. If the plants couldn’t be watered properly, what will happen to her child on those life threatening roller coasters? Brett wholeheartedly agrees:

When a client is looking at having us help them execute their strategy, they don’t want to see an organization that is unable to understand something as simple as a website... "Gosh, if they can’t even maintain a site are they good enough to be looking at our top secret strategy information and giving us guidance on running our business?